PwC Vulnerability Management Associate (Remote) in Phoenix, Arizona
Specialty/Competency: Cybersecurity & Privacy
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: 0%
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.
Our Advisory Acceleration Center is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Invite and provide evidence-based feedback in a timely and constructive manner.
Share and collaborate effectively with others.
Work with existing processes/systems whilst making constructive suggestions for improvements.
Validate data and analysis for accuracy and relevance.
Follow risk management and compliance procedures.
Keep up-to-date with technical developments for business area.
Communicate confidently in a clear, concise and articulate manner – verbally and in written form.
Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
Uphold the firm's code of ethics and business conduct
Basic Qualifications :
Minimum Degree Required :
Minimum Years of Experience :
Preferred Qualifications :
Preferred Fields of Study :
Information CyberSecurity, Computer and Information Science, Information Technology
Certification(s) Preferred :
Certification in vulnerability scanning products from Qualys, Tenable or Rapid7 highly desirable. Relevant SANS training experience is a plus (e.g., SEC460, SEC560)
Preferred Knowledge/Skills :
Demonstrates some knowledge and/ or a proven record of success in the following areas:
Understanding end-to-end Vulnerability Management processes (i.e., the VM lifecycle) and tools (e.g., host-based and application scanners), patch management, GRC tools, and ITSM;
Utilizing common tools used in the VM lifecycle, including ITSM, CMDB, etc;
Using operating system and application security, administration, and debugging;
Utilizing security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security);
Using operating systems such as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools; and,
Using vulnerability Management products from vendors such as Qualys, Tenable and Rapid7.
Demonstrates some abilities and/or experience in the following areas:
Configuring vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives;
Analyzing identified vulnerabilities, along with identifying remediation techniques;
Compiling vulnerability data and reports for both technical and executive audiences;
Identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes;
Reporting remediation of vulnerabilities by coordinating agreed-upon action plans and timelines with responsible technology partners and support teams;
Reviewing and reporting changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model;
Raising awareness of valuable information and maintaining the confidentiality and integrity of data through industry trends, including current and emerging risks, relevant legislation, regulatory requirements, guidelines, and industry developments relating to data protection, privacy, security, and data governance; and,
Providing analysis of impacts to key stakeholders.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoadvisoryassociate .
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
Please note that, at this time, to be in-person at a PwC office, client location or PwC-sponsored events, you must be fully vaccinated against COVID-19.